Skip Ribbon Commands
Skip to main content
Mauritian National Computer Security Incident Response Team (CERT-MU)

CERT-MU AD-2012-22

Google Chrome Prior to 15.0.874.120 Multiple Security Vulnerabilities
Original issue date: November 10, 2011
Updated: May 14, 2012
Severity Rating:High
Overview

Multiple vulnerabilities have been identified in Google Chrome and they can be exploited by remote attackers to cause execution of arbitrary code and conduct other attacks. The vulnerabilities exist because of several flaws detected within Google Chrome. An update has been released to address these vulnerabilities.

Description
Multiple vulnerabilities have been identified in Google Chrome and they can be exploited by remote attackers to cause execution of arbitrary code and conduct other attacks. The vulnerabilities reported are as follows:
  • Double free vulnerability in the Theora decoder in Google Chrome and it can allow remote attackers to cause a denial of service or have unspecified other impact via a crafted stream.
  • Google Chrome does not properly implement the MKV and Vorbis media handlers. This can allow remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
  • Another vulnerability exists because Google Chrome does not properly perform VP8 decoding. This can allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream.
  • A heap-based buffer overflow occurs in the Vorbis decoder and this can allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.
  • There is a buffer overflow and it can allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping.
  • A use-after-free vulnerability in Google Chrome and this can allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.
  • When Java Runtime Environment (JRE) 7 is used, it does not request user confirmation before applet execution begins. This can allow remote attackers to have an unspecified impact via a crafted applet.
Affected Systems
  • Google Chrome 15.0.874 102
  • Google Chrome 9.0.597.94
  • Google Chrome 9.0.597.84
  • Google Chrome 9.0.597.107
  • Google Chrome 8.0.552.344
  • Google Chrome 8.0.552.310
  • Google Chrome 8.0.552.309
  • Google Chrome 8.0.552.308
  • Google Chrome 8.0.552.307
  • Google Chrome 8.0.552.306
  • Google Chrome 8.0.552.305
  • Google Chrome 8.0.552.304
  • Google Chrome 8.0.552.303
  • Google Chrome 8.0.552.302
  • Google Chrome 8.0.552.301
  • Google Chrome 8.0.552.300
  • Google Chrome 8.0.552.237
  • Google Chrome 8.0.552.226
  • Google Chrome 8.0.552.225
  • Google Chrome 8.0.552.224
  • Google Chrome 8.0.552.223
 
List of other affected systems are available on:
Solution
Users are advised to apply updates.
More information about the update is available on:
CVE Information
References
Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
E-mail:
 

Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis